New Executive Order expands foreign cyber-attack retaliation options

On April 1, 2015, President Obama signed a new executive order designed to block the property of certain persons engaging in significant malicious cyber-enabled activities. Over the past several years, the number of malicious cyber-attacks has continued to increase and experts predict that major cyber-attacks will continue to increase over the next decade.

In support of the new executive order, President Obama declared a national emergency to deal with this threat after finding that the “increasing prevalence and severity of malicious cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the United States constitute an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States.”

The executive order enables the Treasury Secretary to target foreign individuals and entities that take part in illicit cyber-attacks for sanctions including, but not limited to, the freezing of their financial assets within the United States and barring commercial transactions with them. Such actions are meant to provide a new tool to combat against cyber threats by authorizing targeted sanctions against individuals or entities whose actions in cyberspace result in significant threats to the national security, foreign policy, economic health or financial stability of the U.S..

Some online activists believe that the new sanctions will not have any real impact, and House Speaker Boehner’s office criticized the President for not working with Republicans to enact more common-sense measures. The White House contends that President Obama is taking action to give America a new way to confront the growing threat posed by significant malicious cyber actors that may be beyond the reach of our existing capabilities. The types of malicious cyber-enabled activities that the executive order would cover include: harming or significantly compromising the provision of services by entities in a critical infrastructure sector; significantly disrupting the availability of a computer or network of computers, including through a distributed denial-of-service attack; and misappropriating funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain.

Previously, President Obama imposed economic sanctions against North Korean officials and the North Korean intelligence agency for the hacking of Sony Pictures Entertainment. The recent executive order would expand his options in response to similar attacks. This is because the new order has no geographic limits, similar to the approaches taken against counterterrorism, counternarcotic, and transnational criminal organizations.

The executive order is grounded in a 1977 law, the International Emergency Economic Powers Act, which permits the president to declare a “national emergency” with respect to threats that originate outside the United States and to impose financial sanctions on the source of those threats.

Ultimately, the program’s effectiveness will depend on its implementation, but given the scarcity of legislation that addresses the increasing number of cyber-attacks against the U.S., the program appears to take a step in the right direction.